Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D02495BAE0E111ECBFF27B44C4F9AE02.roa
File: D02495BAE0E111ECBFF27B44C4F9AE02.roa (raw, json)
Hash identifier: li/7cAZcUyRrZa9udI5NkYiSxx+zPkhpIRp36t7/UYE=
Subject key identifier: 7F:33:C9:78:A4:1D:EC:56:A6:AF:AD:01:A7:5F:FA:CC:F6:B6:B8:CC
Certificate issuer: /CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B
Certificate serial: 020A
Authority key identifier: 24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D02495BAE0E111ECBFF27B44C4F9AE02.roa
Signing time: Wed 31 Jan 2024 04:16:36 +0000
ROA not before: Wed 31 Jan 2024 04:16:36 +0000
ROA not after: Mon 31 Mar 2025 00:00:00 +0000
asID: 133602
IP address blocks: 168.153.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 03:19:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 522 (0x20a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A919A713/serialNumber=24C8BBF930CD2D12399ABDF9C9CAB14B1CD79F6B
Validity
Not Before: Jan 31 04:16:36 2024 GMT
Not After : Mar 31 00:00:00 2025 GMT
Subject: CN=65b9c9a3-2855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f7:25:4e:18:7e:a9:99:6f:be:52:0d:06:c8:
b3:e8:fc:90:87:ec:a6:07:ad:44:1a:13:73:78:65:
b2:96:ff:c1:5f:ba:2b:3f:06:cc:fa:02:23:8e:a4:
9a:f5:ad:af:c2:03:af:34:9f:07:8d:a4:78:b1:ca:
78:46:b7:7d:04:d5:2f:20:ff:df:43:cf:9b:af:f5:
7f:f3:c4:96:30:03:6e:1a:a0:5b:6b:81:b5:8d:93:
f8:7f:7b:1f:e2:1f:cd:28:9a:95:1e:cd:1f:e3:fe:
72:97:21:20:c0:16:bf:4f:2c:74:72:06:6c:7e:4c:
82:62:3b:7a:96:58:25:52:73:87:03:10:4b:5c:b5:
6c:56:23:6a:5b:68:c6:b0:dd:78:03:90:fe:36:45:
b9:ba:d2:6e:8e:0c:99:55:4e:5d:bb:38:85:53:10:
b4:21:08:25:32:83:59:a9:49:e2:49:20:04:60:1e:
44:f8:69:f9:cd:4f:20:bd:c2:d6:d3:b2:50:9d:c1:
54:60:0b:b3:a8:1e:19:f2:41:00:1a:ee:4a:67:c4:
1f:5d:93:44:35:30:2f:c3:00:79:23:d5:5e:1a:25:
7b:bf:b5:3e:ed:7a:7d:6d:9c:3a:0c:5a:7e:05:56:
42:f2:2c:30:a7:7f:6f:55:aa:4d:ef:33:11:00:a1:
e5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:33:C9:78:A4:1D:EC:56:A6:AF:AD:01:A7:5F:FA:CC:F6:B6:B8:CC
X509v3 Authority Key Identifier:
keyid:24:C8:BB:F9:30:CD:2D:12:39:9A:BD:F9:C9:CA:B1:4B:1C:D7:9F:6B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/JMi7-TDNLRI5mr35ycqxSxzXn2s.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/JMi7-TDNLRI5mr35ycqxSxzXn2s.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A713/34994CB4E0DA11EC94C7E062C4F9AE02/D02495BAE0E111ECBFF27B44C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
168.153.2.0/24
Signature Algorithm: sha256WithRSAEncryption
81:4a:5b:e4:e3:c5:52:5d:de:78:a8:52:1a:a6:3c:ec:09:88:
96:bf:f8:2b:ef:f2:a4:d1:2e:c1:65:a1:50:cf:e8:1f:2d:24:
7f:9a:33:b6:1d:af:b8:60:d8:cb:08:0c:4d:ce:c0:a4:9e:3c:
77:18:f9:d5:48:88:c6:bf:63:87:56:8d:ea:43:41:32:44:c2:
ad:13:c6:4a:d5:ca:f2:65:53:04:e2:6c:3d:4b:8e:6d:61:ad:
9b:77:31:ee:46:c4:6b:79:e1:a9:64:59:54:cc:75:fb:5c:4c:
cd:9c:75:bc:6b:48:0a:8b:a5:2d:77:d5:b6:89:02:5b:2d:50:
6b:51:4d:1a:ee:ee:c4:67:38:42:4c:3a:fb:aa:be:e1:26:ac:
0b:f0:9a:6d:1e:fd:49:20:34:94:5e:d9:44:4a:87:81:7a:37:
cf:85:db:9a:f3:3e:f0:68:b2:a4:22:1d:92:52:ce:db:c7:e4:
81:03:a4:c1:1c:d1:c8:37:84:a2:3e:e9:cd:5d:46:f1:15:52:
3e:cc:ad:a2:69:30:1b:89:cb:76:bf:9e:58:d6:d1:4c:76:22:
28:ae:be:20:53:1a:fa:01:17:cd:52:3a:31:49:19:94:52:68:
73:ca:44:db:0c:f8:fd:f9:05:40:8c:91:2c:51:d4:2c:f6:fa:
55:22:50:d5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OUE3MTMxMTAvBgNVBAUTKDI0QzhCQkY5MzBDRDJEMTIzOTlBQkRGOUM5Q0FCMTRC
MUNENzlGNkIwHhcNMjQwMTMxMDQxNjM2WhcNMjUwMzMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NWI5YzlhMy0yODU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAnPclThh+qZlvvlINBsiz6PyQh+ymB61EGhNzeGWylv/BX7orPwbM+gIjjqSa
9a2vwgOvNJ8HjaR4scp4Rrd9BNUvIP/fQ8+br/V/88SWMANuGqBba4G1jZP4f3sf
4h/NKJqVHs0f4/5ylyEgwBa/Tyx0cgZsfkyCYjt6llglUnOHAxBLXLVsViNqW2jG
sN14A5D+NkW5utJujgyZVU5duziFUxC0IQglMoNZqUniSSAEYB5E+Gn5zU8gvcLW
07JQncFUYAuzqB4Z8kEAGu5KZ8QfXZNENTAvwwB5I9VeGiV7v7U+7Xp9bZw6DFp+
BVZC8iwwp39vVapN7zMRAKHlWwIDAQABo4IClTCCApEwHQYDVR0OBBYEFH8zyXik
HexWpq+tAadf+sz2trjMMB8GA1UdIwQYMBaAFCTIu/kwzS0SOZq9+cnKsUsc159r
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTcxMy8zNDk5NENCNEUw
REExMUVDOTRDN0UwNjJDNEY5QUUwMi9KTWk3LVRETkxSSTVtcjM1eWNxeFN4elhu
MnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy
RkQxRkYyL0pNaTctVEROTFJJNW1yMzV5Y3F4U3h6WG4ycy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OUE3MTMvMzQ5OTRDQjRFMERBMTFFQzk0QzdFMDYyQzRGOUFFMDIvRDAyNDk1QkFF
MEUxMTFFQ0JGRjI3QjQ0QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAComQIwDQYJKoZIhvcNAQELBQADggEBAIFKW+TjxVJd3nio
UhqmPOwJiJa/+Cvv8qTRLsFloVDP6B8tJH+aM7Ydr7hg2MsIDE3OwKSePHcY+dVI
iMa/Y4dWjepDQTJEwq0TxkrVyvJlUwTibD1Ljm1hrZt3Me5GxGt54alkWVTMdftc
TM2cdbxrSAqLpS131baJAlstUGtRTRru7sRnOEJMOvuqvuEmrAvwmm0e/UkgNJRe
2URKh4F6N8+F25rzPvBosqQiHZJSztvH5IEDpMEc0cg3hKI+6c1dRvEVUj7MraJp
MBuJy3a/nljW0Ux2IiiuviBTGvoBF81SOjFJGZRSaHPKRNsM+P35BUCMkSxR1Cz2
+lUiUNU=
-----END CERTIFICATE-----
Generated at Mon Oct 7 06:34:35 2024 by rpki-client on console-fra.rpki-client.org